SSL stands for Secure Sockets Layer. It describes a technology used to encrypt sensitive information sent over the Web. When a client--a Web browser or server--connects to a Web server that uses SSL, the connecting client would obtain a SSL certificate from the secured server. That SSL certificate will include some details about the Web site that uses the certificate, such as its domain name. It would also contain an expiration date for the certificate, and a Public Key that is available to all clients that connect to that server. When the client needs to encrypt data, it uses the Public Key to do it. The Public Key is formatted in such a way that the only way to decrypt the information would be with a Private Key, which is stored in a safe place on the secured server.

In order for SSL to be reliable, SSL certificates are issued by a Certification Authority who can verify that a given Public Key belongs to a given Web site. In order to do that, the merchant would obtain a Certificate Signing Request (CSR) from their Web hosting company, which would include the Public Key and the site's details. Upon verifying these details, the Certification Authority would issue the site's SSL certificate, which would then be given to the Web hosting company to load onto the server so they can enable SSL.

SSL is strongly recommended for all merchants whose Web sites will be handling personal or sensitive information from their customers. If your site provides a payment form where credit card details may be entered, then you would be required by the Payment Card Industry Data Security Standard (PCI DSS) to encrypt the payment form and the data it collects.

Please note that Authorize.Net does not provide SSL certificates or CSRs. Please contact your Web hosting company if you need a CSR generated so you can obtain a SSL certificate.

Note: Technically speaking, SSL has been superseded by Transport Layer Security (TLS), which is based on SSL and operates in much the same way. For this document, TLS and SSL are used interchangeably.